Using the IGRM Model

Introduction

The Information Governance Reference Model is available to corporations, analyst firms, industry associations and other parties as a tool for communicating with and to organization stakeholders on responsibilities, processes and practices for information governance. It can help establish the importance of linking stakeholders, particularly those responsible for ensuring that the legal duties for information are met, those that understand the business value of information and those that manage information assets. The IGRM is unique as a model in that it casts light on the dependencies across these stakeholders for legal compliance and defensible disposal.

EDRM.net encourages you to use the diagram to facilitate better cooperation, cross-functional processes and better information governance at your company or for your constituencies.

Short Narrative of IGRM

The IGRM (Information Governance Reference Model) provides a framework for cross functional and executive dialogue and serves as a catalyst for defining a unified governance approach to information.

Long Narrative of IGRM

The IGRM provides a framework for defining a unified governance approach to information by showing the linkage between value and duty to information assets.

The IGRM diagram is a responsibility model rather than a document or case lifecycle model. It helps to identify the stakeholders, define their respective “stake” in information, and highlights the intersection and dependence across these stakeholders.

IGRM Diagram

Elements of the IGRM

Information Is at The Center – The information basics are distilled out and at the center of the IGRM model – with the notable inclusion of “dispose” as the end state of information. Note the “information gates” in the middle, where information accumulates.

It Starts With The Business & Value – The line of business has an interest in information proportional to its value – the degree to which it helps drive the profit or purpose of the enterprise itself. Once that value expires, the business quickly loses interest in managing it, cleaning it up, or paying for it to be stored. One of the things that the IGRM does is distinguish value from regulatory obligation or IT efficiency. The diagram defines the business group’s responsibility to define and declare the specific value of information; all data doesn’t have value and the value of data isn’t constant.

Legal & RIM Have Legal Responsibilities – Legal and RIM on the left side are chartered typically to manage risk for the company. The diagram underscores that it is the legal department’s responsibility to define what to put on hold and what and when to collect data for discovery. Likewise, it is RIM’s responsibility to ensure that regulatory obligations for information are met including what to retain and archive for how long. Together they both have an enormous role in how and when companies can dispose of data.

IT is Chartered with Efficient Management – As with the business segment, IT calls on legal and RIM to be specific about the duties for information – what they are and when those duties end. IT stores and secures information under their management. Of course their focus is efficiency and they’re typically under huge pressure to increase efficiency and lower cost. One of the most valuable aspects of the diagram is that it highlights the fact that without collaboration and unified governance, IT doesn’t know and can’t speak to what information has value or what duties apply to specific information.

Framework for Progress – The IGRM can help companies recognize that for IT to manage data efficiently, it is essential to link specific duties and business value to the information assets.

Frequently Asked Questions

How can the IGRM be used?

The IGRM is a tool to conduct an executive dialogue across legal, IT, RIM and the business. The diagram can be used to facilitate better cooperation, cross-functional processes and better information governance at your company or for your constituencies.

What is the relationship between the IGRM and the EDRM?

The IGRM is one of 8 projects within the EDRM.net organization. While the well known diagram of the EDRM illustrates a model for electronic discovery, the IGRM diagram illustrates a model for information management.

How was the diagram developed?

The diagram was developed from multiple key inputs, including:

Interested parties with expertise in RIM, Discovery, and Information Management

Community effort

Series of bi-weekly sessions over more than 12 months

Socialized with more than 350 CGOC corporate member practitioners in several CGOC meetings, and broadly distributed to over 750 CGOC member practitioners

Survey results from corporate practitioners which showed:

100% of respondents stating that defensible disposal was the purpose of information governance practice

Two-thirds of IT and one-half of RIM respondents said their current responsibility model for information governance didn’t work

80% of respondents across legal, IT, and RIM said they had little or very weak linkage between legal obligations for information and records management and data management

While there are many lifecycle models for information and the EDRM lifecycle model for a legal case, most companies are unable to defensibly dispose of information for lack of transparency across legal, RIM and IT organizations and lack of systematic linkage across their processes. IDC projects that data volume will increase by a factor of 44 over the next 10 years and litigation costs and preservation obligations escalate continuously, creating an unworkable situation for many companies. Very often detailed lifecycle models that are anchored in a single discipline such as discovery or records management fail to garner the level of senior management attention and support that can galvanize true change and charter the kinds of programs and practices that enable defensible disposal of information at the end of its lifecycle. The IGRM can provide that executive catalyst and in that respect, complement the detailed discipline tools that are offered by organizations like ARMA, AIIM, and Sedona.

What if the IGRM doesn’t reflect how information is managed in my company?

It probably doesn’t because very few companies have systematically integrated processes that link legal obligations and information value to information assets in IT custody. Because of the IGRM’s unique representation of the dependencies across those stakeholders, it can help establish the importance of linking them and create the integrated processes that are the critical foundation to achieving defensible disposal.

Why isn’t the diagram more prescriptive on what tools, technologies and activities are needed?

The IGRM is an essential initial step for companies with complex information environments where the need for executive stakeholder alignment precedes the purchase of tools and technologies yet is often missing. The diagram is a tool to illustrate how people and processes are key and they seldom intersect today. We anticipate building on the diagram and the tool set available for corporations in the coming months and years. A process maturity model from CGOC is a resource available today that can help companies assess what processes must be improved and what gaps exist as a guide for companies.

Are there tools that can help us assess our processes today on the path toward defensible disposal and systematic cooperation among the internal stakeholders?

There are tools that provide the “next level” detail from the IGRM. One example is the process maturity model from CGOC which outlines 13 key processes in ediscovery and information management. Each process is described in terms of a maturity level from one to four – completely manual and ad hoc to greater degrees of process integration across functions and automation.

Information Governance Reference Model

Except where otherwise noted, content posted at EDRM.net is licensed under a Creative Commons Attribution 3.0 Unported License. That means you are free to share, remix or make commercial use of the content so long as you provide attribution. To provide attribution, please cite to "EDRM (edrm.net)." If you have questions, contact us at mail@edrm.net.